>_ DevTrendsen

Language

Home

Languages

Sections

Frontend Backend Mobile DevOps AI / ML GameDev Blockchain Security
Python

Sarenka — OSINT Powerhouse for Vulnerability and Attack Surface Analysis

667 stars

When One Tool Replaces a Dozen Services

Sound familiar? When analyzing system security, you have to jump between Shodan, Censys, WHOIS services, and vulnerability databases? The Polish project Sarenka offers an elegant solution — a unified platform for OSINT data collection and analysis.

What Can This Pentester's "Swiss Army Knife" Do?

  1. Centralized data collection from:

    • Shodan (IP information)
    • Censys (device data)
    • Criminal IP (alternative data source)
    • DNS and WHOIS services
  2. Vulnerability analysis:

    • CVE search by CWE
    • Database with vulnerability mapping
    • PDF report generation
  3. Useful tools:

    • Hash calculator
    • Shannon entropy calculation
    • Basic port scanner (when nmap is overkill)

Technical Highlights

Sarenka is built on:

  • Python 3.8+ (supports Windows 10 and Kali Linux)
  • Django + DRF for the backend
  • React for the frontend
# Быстрый старт
$ git clone https://github.com/pawlaczyk/sarenka.git
$ cd ./sarenka
$ python3 -m venv env
$ source env/bin/activate
$ pip3 install -r requirements.txt
$ python backend/manage.py runserver

Who Is It For?

  • Pentesters for rapid reconnaissance
  • DevOps engineers for analyzing their own infrastructure
  • Security researchers for vulnerability discovery

Data Visualization

Main interface

CVE analysis

Future Roadmap

The team plans to:

  • Full test coverage
  • Docker image for quick deployment
  • Expanded mathematical toolkit
  • Data visualization via d3.js

Sarenka is a successful attempt to create a universal tool for OSINT reconnaissance. Although the project is still evolving, it can already significantly speed up the work of security professionals.

Give it a try if:

  • You're tired of switching between a dozen services
  • You need quick attack surface analysis
  • You want a convenient tool for everyday vulnerability work

Related projects